diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0579dc4833a697520001b6befab794dbf6dce2d5..46157a0218e440837f94ed7aea2a42243c477ed3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## [7.3.2](https://gitlab.com/to-be-continuous/python/compare/7.3.1...7.3.2) (2024-11-02)
+
+
+### Bug Fixes
+
+* limit security reports access to developer role or higher ([40c85ef](https://gitlab.com/to-be-continuous/python/commit/40c85eff562a00ceb9b381ef72472ce1910b97ab))
+
## [7.3.1](https://gitlab.com/to-be-continuous/python/compare/7.3.0...7.3.1) (2024-10-25)
diff --git a/README.md b/README.md
index 2de10dc1040579b0cb671df31576f987d8c66c9c..4af1d8947a2f63272c82dc6af2ecc428092284fb 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ Add the following to your `.gitlab-ci.yml`:
```yaml
include:
# 1: include the component
- - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.1
+ - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.2
# 2: set/override component inputs
inputs:
image: registry.hub.docker.com/library/python:3.12-slim
@@ -29,7 +29,7 @@ Add the following to your `.gitlab-ci.yml`:
include:
# 1: include the template
- project: 'to-be-continuous/python'
- ref: '7.3.1'
+ ref: '7.3.2'
file: '/templates/gitlab-ci-python.yml'
variables:
@@ -521,9 +521,9 @@ With:
```yaml
include:
# main component
- - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.1
+ - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.2
# Vault variant
- - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-vault@7.3.1
+ - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-vault@7.3.2
inputs:
vault-base-url: "https://vault.acme.host/v1"
# audience claim for JWT
@@ -563,13 +563,13 @@ The variant requires the additional configuration parameters:
```yaml
include:
- - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.1
+ - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.2
# 2: set/override component inputs
inputs:
image: registry.hub.docker.com/library/python:3.12-slim
pytest-enabled: true
- - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-gcp@7.3.1
+ - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-gcp@7.3.2
inputs:
# common OIDC config for non-prod envs
gcp-oidc-provider: "projects/<gcp_nonprod_proj_id>/locations/global/workloadIdentityPools/<pool_id>/providers/<provider_id>"
diff --git a/templates/gitlab-ci-python-gcp.yml b/templates/gitlab-ci-python-gcp.yml
index e22511b060a2a11c904cd54e23f62b1961a36245..43d02cb25653f0cf490b26cfc60a0c6f2db4215c 100644
--- a/templates/gitlab-ci-python-gcp.yml
+++ b/templates/gitlab-ci-python-gcp.yml
@@ -44,7 +44,7 @@ variables:
image: $PYTHON_IMAGE
services:
- name: "$TBC_TRACKING_IMAGE"
- command: ["--service", "python", "7.3.1"]
+ command: ["--service", "python", "7.3.2"]
variables:
GCP_JWT: $GCP_JWT
before_script:
diff --git a/templates/gitlab-ci-python-vault.yml b/templates/gitlab-ci-python-vault.yml
index 81e875625d168fc5da7240ae9a75fa58a0843110..29148e74dafd7b350731d62f8f99bbf0bf3559c2 100644
--- a/templates/gitlab-ci-python-vault.yml
+++ b/templates/gitlab-ci-python-vault.yml
@@ -22,7 +22,7 @@ variables:
.python-base:
services:
- name: "$TBC_TRACKING_IMAGE"
- command: ["--service", "python", "7.3.1"]
+ command: ["--service", "python", "7.3.2"]
- name: "$TBC_VAULT_IMAGE"
alias: "vault-secrets-provider"
variables:
diff --git a/templates/gitlab-ci-python.yml b/templates/gitlab-ci-python.yml
index 93dad4ebfe471977c8203d6fe537fc169512bc2c..fad409612f7aeb2296f66d565cffc42ad04c6b34 100644
--- a/templates/gitlab-ci-python.yml
+++ b/templates/gitlab-ci-python.yml
@@ -960,7 +960,7 @@ stages:
image: $PYTHON_IMAGE
services:
- name: "$TBC_TRACKING_IMAGE"
- command: ["--service", "python", "7.3.1"]
+ command: ["--service", "python", "7.3.2"]
variables:
# set local cache dir; most Python tools honour XDG specs
XDG_CACHE_HOME: "$CI_PROJECT_DIR/.cache"